top of page
-post-ai-image-50026_edited.jpg

Privacy Policy

Your privacy is very important to me, and I endeavour to keep your personal information safe and secure, and only use it for the purpose for which it was given to me.

I adhere to current data protection legislation and will update this privacy policy when required in line with changes in legislation. This notice will tell you what will happen to your data from point of contact through to ending sessions with myself.

I am happy to chat through any aspect of it, you can contact me via rmorrancounselling@protonmail.com.

I am the data controller for my business. As such I am registered with the ICO, my registration reference is ZC012415.

Lawful Basis for Holding Information

 

GDPR states that I must have a lawful basis for holding information about you and processing your personal data. I use the following reasons to do so:

 

Contract: I require your personal details to perform our contract

Legal obligation: I am required to submit tax returns, and so transaction information is legally required to be shared with HMRC if required

Legitimate interest: I have a legitimate interest in collecting and processing personal information in order to provide a counselling service, and meet requirements of my governing bodies and insurers.

 

The GDPR also requires me to look after any sensitive personal information disclosed to me in an appropriate manner. The lawful basis for me processing any special categories of personal information is for the provision of counselling, and that it is necessary to carry out the contract between us.

​​How I use your information

 

Website

My website has been built using Wix, who use some essential cookies to help me understand how people use/navigate the pages. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

 

Initial Contact

When you contact me to enquire about counselling I will collect information to enable me to respond to your enquiry satisfactorily. This will include contact details, availability, and some information about why you are seeking support. Alternatively a third party, such as a GP or other trusted individual may pass your details onto me when making an enquiry on your behalf.

 

If you decide not to proceed with counselling I will ensure all your personal data is deleted within 90 days, however if you would like me to delete this information sooner please let me know.

 

When Accessing Counselling

Counselling is a confidential service, however there are some exceptions to this:

 

  • If you inform me that you or someone else is at risk of significant hurt or harm, or there is a risk to life. Whilst it is best practice to inform you first, I won’t always do this if it may increase any risk

  • To share information with third parties as requested by yourself (e.g. a GP)

  • If any legislation requires me to disclose information to relevant bodies;  for example the Terrorism Act

  • If you initiate any criminal or civil action against me

  • My own clinical supervision

  • Whilst I take precautions, no electronic communication system can be guaranteed to be completely confidential, so please bear this in mind when sending emails

 

I will keep a record of your personal details to help the counselling service run smoothly.  I will also take short written notes following sessions to enable me to provide the best service to you. These details and notes are kept securely in the notes software WriteUpp. They are a GDPR compliant and ISO27001 certified company, who have also developed systems for the NHS. Their privacy policy can be found here: https://www.writeupp.com/privacy

 

Email correspondence will not be kept longer than 90 days if it is not important. Should an email be needed longer than this then I will keep a copy within your notes on WriteUpp.

 

After Counselling Has Ended

Once counselling has ended your records will be kept for 7 years from the end of our contact with each other, and then securely destroyed. If you would like your data deleted prior to this deadline, please contact me.

 

Throughout our contact I take data security seriously, and therefore only use software and systems that have a high level of protection where possible. I also ensure to use password protected devices and keep all passwords secure.​​

​​​Third Party Recipients of Data

 

I will sometimes need to share data with third parties, for example my accountant, LMC Accountants. I have contracts in place regarding what they are able to do with your data, and their data protection policy can be found on their website.

 

I have a clinical will in place, so if you are in active sessions a trusted colleague will contact you in the event of my death or serious illness.

​​​Your Rights

 

You can read about your rights on the ICO website: https://ico.org.uk/for-the-public/. Should you wish to make a Subject Access Request, request a change of details, or have any questions about data held, then please contact me at rmorrancounselling@protonmail.com and I will respond as promptly as possible and within timeframes required by ICO.

 

You can also use the ICO to lodge a complaint should you not be satisfied with how I have processed your personal information. More information is available here: https://ico.org.uk/for-the-public/how-to-make-a-data-protection-complaint/.

bottom of page